44 matches found
EUVD-1999-0803
Malware in sbrugna...
EUVD-2003-0139
Malware in sbrugna...
EUVD-2000-0319
Malware in sbrugna...
EUVD-2002-0881
Malware in sbrugna...
EUVD-2000-0441
Malware in sbrugna...
EUVD-2005-1154
Malware in sbrugna...
Via Qpopper2. 5 3 remote access shell-vulnerability warning-the black bar safety net
Description Qpopper is using a fairly wide range of POP3 server, allowing the user through a POP3 client to read their letters. It is usually used for standard UNIX system mail service. Questions In Qpopper2. 5 3 version, QPOP vulnerabilities will make you a remote to get a gid=mail shell. The...
Debian DSA-259-1 : qpopper - mail user privilege escalation
Florian Heinz posted to the Bugtraq mailing list an exploit for qpopper based on a bug in the included vsnprintf implementation. The sample exploit requires a valid user account and password, and overflows a string in the popmsg function to give the user 'mail' group privileges and a shell on the...
CVE-2003-0143
The popmsg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name...
qpopper < 4.0 PASS Command Remote Overflow
Binary data 1785.prm...
qpopper < 4.0.5fc2 Qvsnprintf Remote Overflow
Binary data 1786.prm...
qpopper < 3.0.1b2 EIUDL Arbitrary Command Execution
Binary data 1784.prm...
SUSE-SA:2003:018: qpopper
The remote host is missing the patch for the advisory SUSE-SA:2003:018 qpopper. The Post-Office-Protocol- POP- Server qpopper version 4 was vulnerable to a buffer overflow. The buffer overflow occurs after authentication has taken place. Therefore pop-users with a valid account can execute...
Qpopper 4.0.x - 'poppassd' Privilege Escalation
/ Title: Qpopper v4.0.x poppassd local root exploit. Exploit code: 0x82-Local.Qp0ppa55d.c -- ./0x82-Local.Qp0ppa55d -u x82 -p mypasswd Qpopper v4.0.x poppassd local root exploit. by Xpl017Elz / include include include include define BUFSZ 0x82 define DPOPPASS "/usr/local/bin/poppassd" define DNAM...
CVE-2002-0889
Buffer overflow in Qpopper popper 4.0.4 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a long bulldir argument in the user's .qpopper-options configuration file...
CVE-2002-0454
Qpopper aka in.qpopper or popper 4.0.3 and earlier allows remote attackers to cause a denial of service CPU consumption via a very large string, which causes an infinite loop...
[SECURITY] [DSA-259-1] qpopper user privilege escalation
Package: qpopper Vulnerability: mail user privilege escalation Debian-specific: no Florian Heinz [email protected] posted to the Bugtraq mailing list an exploit for qpopper based on a bug in the included vsnprintf implementation. The sample exploit requires a valid user account and password, and...
DSA-259 qpopper - mail user privilege escalation
Bulletin has no description...
Qpopper 34 - Username Information Disclosure
Qpopper 34 - Username Information Disclosure source: https://www.securityfocus.com/bid/7110/info An information disclosure weakness has been reported for Qpopper when authenticating. The weakness is due to the fact that if a valid username is sent with a bad password, Qpopper will wait a small...
QPopper 4.0.x buffer overflow vulnerability
Hello, Under certain conditions it is possible to execute arbitrary code using a buffer overflow in the recent qpopper. You need a valid username/password-combination and code is depending on the setup usually executed with the user's uid and gid mail. Explanation: Qualcomm provides their own...